General
-
Target
2628ad9be62db33bcc2dd982d80a7ec4ff840349a658795e13ef9611b784eefe
-
Size
423KB
-
Sample
241120-wl21bsvnhr
-
MD5
fa6a95df0af45ff6601696678af711b6
-
SHA1
c87653f543d7c9386b92732e02ee64deac0e0100
-
SHA256
2628ad9be62db33bcc2dd982d80a7ec4ff840349a658795e13ef9611b784eefe
-
SHA512
362d3bd45dcf7b419661a4a77545d337d7f294a143f732e18dd7f728f04e99772bb45e205513c4c03f6975778ba2d812cc6e288ff5e6591ca04ad2a639d3fc02
-
SSDEEP
6144:ixEtjPOtioVjDGUU1qfDlavx+W2QnASFR:TF
Behavioral task
behavioral1
Sample
2628ad9be62db33bcc2dd982d80a7ec4ff840349a658795e13ef9611b784eefe.xls
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2628ad9be62db33bcc2dd982d80a7ec4ff840349a658795e13ef9611b784eefe.xls
Resource
win10v2004-20241007-en
Malware Config
Extracted
crimsonrat
167.114.138.12
Targets
Target
2628ad9be62db33bcc2dd982d80a7ec4ff840349a658795e13ef9611b784eefe
Score 10/10
CrimsonRAT main payload
-
Crimsonrat family
-
Executes dropped EXE
-
Loads dropped DLL
-